Untrusted search path vulnerability in The electronic authentication system based on the commercial registration system βThe CRCA userβs Softwareβ Ver1.8 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.